Local and Remote Notification Programming Guide

Provisioning and Development

Development and Production Environments

To develop and deploy the provider side of a client/server app, you must get SSL certificates from Member Center. Each certificate is limited to a single app, identified by its bundle ID. Each certificate is also limited to one of two development environments, each with its own assigned hostname:

Development: Use the development environment for initial development and testing of the provider app. It provides the same set of services as the production environment, although with a smaller number of server units. The development environment also acts as a virtual device, enabling simulated end-to-end testing.

You access the development environment at gateway.sandbox.push.apple.com, outbound TCP port 2195.

Production: Use the production environment when building the production version of the provider app. Apps using the production environment must meet Apple’s reliability requirements.

You access the production environment at gateway.push.apple.com, outbound TCP port 2195.

You must get separate certificates for the development environment and the production environment. The certificates are associated with an identifier of the app that is the recipient of remote notifications; this identifier includes the app’s bundle ID. When you create a provisioning profile for one of the environments, the requisite entitlements are automatically added to the profile, including the entitlement specific to remote notifications, <aps-environment>. The two provisioning profiles are called Development and Distribution. The Distribution provisioning profile is a requirement for submitting your app to the App Store.

OS X Note: The entitlement for the OS X provisioning profile is com.apple.developer.aps-environment, which scopes it to the platform.

You can determine in Xcode which environment you are in by the selection of a code-signing identity. If you see an “iPhone Developer: Firstname Lastname” certificate/provisioning profile pair, you are in the development environment. If you see an “iPhone Distribution: Companyname” certificate/provisioning profile pair, you are in the production environment. It is a good idea to create a Distribution release configuration in Xcode to help you further differentiate the environments.

Although an SSL certificate is not put into a provisioning profile, the <aps-environment> is added to the profile because of the association of the certificate and a particular App ID. As a result this entitlement is built into the app, which enables it to receive remote notifications.

Provisioning Procedures

Apple Push Notification service (APNs) is available only to apps distributed through the iOS App Store or Mac App Store. Your app must be provisioned and code signed to use app services. If you are a company, most of these configuration steps can be performed only by a team agent or admin.

However, APNs is not fully enabled until you create the client SSL certificates in Member Center, as described in Creating Push Notification Client SSL Certificates. Create a development client SSL certificate if you are developing and testing your app. The signing identities for client SSL certificates with the private keys are stored in your keychain. To export a client SSL signing identity and install it on your server, read Installing Client SSL Certificates.

When you are ready to create your production client SSL certificate, follow the same steps in Creating Push Notification Client SSL Certificates but select the SSL certificate under Production, not Development. You must create the production client SSL certificate before you submit your app to the store.

After you configure your app to use APNs, Xcode automatically creates the necessary distribution provisioning profiles when you export your iOS app for beta testing or submit your app to the store.